Round Up of Major Breaches and Scams
A misconfigured Elasticsearch server is responsible for exposing more than 370 million records. Dating sites have increasingly become a target for malicious actors, possibly because of how lucrative the data obtained from them is. Against that backdrop, vpnMentor released a report today investigating a new data leak affecting 70+ websites, mainly in the dating niche but also including e-commerce sites.
A 51-year-old US citizen has been charged with running a diamond and cryptocurrency-based Ponzi scheme. Prosecutors claim that Jose Angel Aman, from Washington, DC, operated a fraudulent investment scheme across the United States and Canada, luring investors with promises of quick returns in the diamond trade. The US Department of Justice (DoJ) said on Friday that Aman was the operator of a Ponzi scheme from May 2014 to May 2019. Together with his partners, Aman allegedly solicited individuals to invest in “diamond contracts,” in which their money would be used to buy large, rough, uncut diamonds.
September 10 — A former medical clinic employee pleaded guilty on Wednesday, Sept. 2, to breaching the health information of several individuals in contravention of the Health Information Act (HIA). Olivia Franc was fined $6,000, given three years’ probation with a condition that she not access health information, and is required to complete 180 hours of community service for the infractions. Ms. Franc accessed the health records of close acquaintances, friends and others in the community.
Round Up of Major Malware and Ransomware Incidents
While organizations are trying hard to cope with new working conditions, such as connecting with remote employees and securing critical data across distributed networks, opportunistic cybercriminals are targeting organizations that lack cyber readiness. The “Acronis Cyber Readiness Report 2020” from cybersecurity firm Acronis revealed how organizations are mitigating the effects of the pandemic on their business operations and security posture.
Round Up of Major Vulnerabilities and Patches
Academics have developed a new technique for attacking secure computer systems by abusing speculative execution, a CPU mechanism that’s normally used for performance optimizations. The technique, named BlindSide, was detailed in a paper published last week by a team of academics from the Stevens Institute of Technology in New Jersey, ETH Zurich, and the Vrije University in Amsterdam. Researchers say that BlindSide can be used to craft exploits that bypass ASLR (Address Space Layout Randomization) on modern operating systems.
Security researchers have discovered hundreds of vulnerabilities across major hotel, airline and travel booking websites, some of which have already suffered major breaches. UK-based consumer rights group Which? and tech consultancy 6point6 studied 98 travel sector companies, probing websites, subdomains, employee portals and other web properties with lawful online tools. They found Marriott-owned websites were riddled with 497 bugs, including over 100 assessed to be “high” (96) or “critical” (18).
Researchers have disclosed the details of several potentially serious vulnerabilities affecting MobileIron’s mobile device management (MDM) solutions, including a flaw that can be exploited by an unauthenticated attacker for remote code execution on affected servers. The vulnerabilities were identified by researchers at security consulting firm DEVCORE and they were reported to MobileIron in early April. Patches were released on June 15 and the vendor released an advisory on July 1.
Unbeknownst to many, Microsoft patched in August one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks. The bug was patched in the August 2020 Patch Tuesday under the identifier CVE-2020-1472. It was described as an elevation of privilege in Netlogon, the protocol that authenticates users against domain controllers.